The key advantage of beating RAM is that its failure requires equipment that costs less than $ 50. It also allows active decryption, which means encrypted data, can be read and faked. In addition, he works against SGX and SEV-SNP if they work with DDR4 memory modules.
Listening
ListeningMeanwhile, it is limited to a violation of only SGX working with DDR4, although researchers say that this will probably work against AMD protection with a modest amount of additional work. It will enlighten, however, allows only passively decryption, which means that protected data can be read, but the data cannot be recorded in protected areas of memory. The cost of the interim light and equipment for the analysis of the received data also costs significantly more than beating RAM, from about $ 1,000.
Listening to the interposer.
Credit: Seto, et al.
Inter -granist listening to listening, connected to a logical analyzer.
Credit: Seto, et al.
Inter -granist listening to listening, connected to a logical analyzer.
Credit: Seto, et al.
Like the beating of the RAM, Wiretap uses determinist encryption, with the exception of the last attack, displaying the encrypted text in the list of known words with open text, from which the encrypted text is obtained. In the end, the attack can restore a sufficiently encrypted text to reconstruct the certification key.
Genkin explained:
Suppose you have an encrypted list of words that will later be used to form sentences. You know the list in advance, and you get an encrypted list in the same order (therefore, you know the display between each word and its corresponding encryption). Then, when you encounter an encrypted sentence, you just take the encryption of each word and compare it with your list. Going a word by the word, you can decipher the entire sentence. In fact, until the majority of the words are on your list, you are probably ultimately to decipher the whole conversation. In our case, we are building a dictionary between the general values ​​that arise in the ECDSA algorithm and corresponding to their encryption, and then use this dictionary to restore these values ​​as they appear, which allows us to extract the key.
Researchers to listen to telephone conversations continued to show the types of attacks that are possible when the enemy successfully jeopardizes SGX safety. Like Intel ExplainsThe key advantage of SGX is the remote certification, the process that first checks the authenticity and integrity of virtual machines or other software working inside the enclave and is not forged. After the software is checking, the enclave sends a remote side to a digital signature certificate, providing the identity of the test software, and a net amount of health certifying software is safe.
